Hello Sammy, The default kamailio.cfg was quite intimidating for me while trying to read it, so I got a simpler one that just proxies all requests to a backend PBX and started from there. Here's my current configuration file (Public IP masked): #!KAMAILIO
#!define IPADDRESS "X.X.X.X"
#!define FLAG_FROM_SWITCH 1 #!define FLAG_FROM_USER 2
#!define NODE_FAILURE 100 mpath = "/usr/lib/x86_64-linux-gnu/kamailio/modules" listen = "X.X.X.X"
# ------------------ module loading ---------------------------------- loadmodule "mi_fifo.so" loadmodule "tm.so" loadmodule "rr.so" loadmodule "pv.so" loadmodule "sl.so" loadmodule "maxfwd.so" loadmodule "nathelper.so" loadmodule "textops.so" loadmodule "sdpops.so" loadmodule "siputils.so" loadmodule "xlog.so" loadmodule "sanity.so" loadmodule "path.so" loadmodule "dispatcher.so" loadmodule "usrloc.so"
# ----------------- setting module-specific parameters --------------- modparam("mi_fifo", "fifo_name", "/var/run/kamailio/kamailio_fifo") modparam("nathelper|registrar", "received_avp", "$avp(s:rcv)") modparam("dispatcher", "dst_avp", "$avp(AVP_DST)") modparam("dispatcher", "grp_avp", "$avp(GRP_DST)") modparam("dispatcher", "cnt_avp", "$avp(CNT_DST)") modparam("dispatcher", "ds_ping_method", "OPTIONS") modparam("dispatcher", "ds_ping_interval", 3) modparam("dispatcher", "ds_probing_threshhold", 1) modparam("dispatcher", "ds_probing_mode", 1) # ------------------------- request routing logic ------------------- # main routing logic
route { # Handle insane requests route(SANITY_CHECK);
# CANCEL processing if (is_method("CANCEL")) { if (t_check_trans()) { t_relay(); } exit; }
# Determine where the requests are coming from route(CHECK_SOURCE_IP);
# Handle NAT route(NAT_DETECT);
# Handle existing SIP dialogs route(WITHINDLG);
# Process new SIP dialogs below if (is_method("INVITE|REFER")) { record_route(); }
if (is_method("REGISTER")) { add_path(); }
if (isflagset(FLAG_FROM_SWITCH)) { # don't send INVITE from SWITCH back to SWITCH, set reply route to handle NAT and forward them along t_on_reply("EXTERNAL_REPLY"); } else { # Route to one of the switches #route(TO_SWITCH_NODE); if(!ds_select_dst("1", "1")) { sl_send_reply("503", "No route available"); exit; } }
route(RELAY); }
# Failover gracefully route[TO_SWITCH_NODE] { ds_select_dst("1", "1"); t_on_failure(NODE_FAILURE); t_relay(); exit(); }
failure_route[NODE_FAILURE] { ds_mark_dst("p"); ds_next_dst(); t_on_failure(NODE_FAILURE); t_relay(); }
route[SANITY_CHECK] { if (!sanity_check()) { exit; }
if (!mf_process_maxfwd_header("10")) { send_reply("483", "Too Many Hops"); exit; }
if ($ua == "friendly-scanner" || $ua == "sundayddr" || $ua =~ "sipcli" ) { exit; }
if ($si == IPADDRESS) { exit; }
}
route[CHECK_SOURCE_IP] { if (ds_is_from_list("1")) { setflag(FLAG_FROM_SWITCH); } else { setflag(FLAG_FROM_USER); } }
# Handle requests within SIP dialogs route[WITHINDLG] { if (has_totag()) { # sequential request withing a dialog should # take the path determined by record-routing #lookup("location"); if (loose_route()) { route(RELAY); } else { if (is_method("NOTIFY")) { route(RELAY); } if (is_method("SUBSCRIBE") && uri == myself) { # in-dialog subscribe requests exit; } if (is_method("ACK")) { if (t_check_trans()) { # no loose-route, but stateful ACK; # must be an ACK after a 487 # or e.g. 404 from upstream server t_relay(); exit; } else { # ACK without matching transaction ... ignore and discard exit; } } sl_send_reply("404","Not here"); } exit; } }
onreply_route[EXTERNAL_REPLY] { route(NAT_TEST_AND_CORRECT); }
route[NAT_TEST_AND_CORRECT] { if (nat_uac_test("19")) { if (is_method("REGISTER")) { fix_nated_register(); } else { fix_nated_contact(); } force_rport(); } if (has_body("application/sdp") && nat_uac_test("8")) { fix_nated_sdp("10"); } }
route[RELAY] { if (!t_relay()) { xlog("L_WARN", "RELAY failed!\n"); sl_reply_error(); } exit; }
route[NAT_DETECT] { force_rport(); if(nat_uac_test("19")) { if(is_method("REGISTER")) { fix_nated_register(); add_path_received(); #save("location"); } else { # Disabled, maybe unnecessary # if(is_first_hop()) # set_contact_alias(); fix_nated_contact(); }
if (sdp_content()) { fix_nated_sdp("10"); } } return; }
Regards, Iskren
On 05/05/17 16:36, SamyGo wrote:
Hi, Can you share the config file. Seems you've made changes to configuration file. Using save("location") w/o any authentication above it will result in anyone getting 200OK for a REGISTER.
Looking at the config will help point you to the right way.
Regards, Sammy
On Fri, May 5, 2017 at 10:56 AM, Iskren Hadzhinedev <iskren.hadzhinedev@ikiji.com mailto:iskren.hadzhinedev@ikiji.com> wrote:
Hi list! I'm using kamailio 4.2 for load-balancing and failover via dispatcher, but I'm having some NAT related issues and I was hoping that someone might point me in the right direction. My setup is the following: PSTN - PBX - kamailio - NAT - client Calls from the NATed client to PSTN and/or PBX features (e.g. voicemail) work just fine. However, when a call comes from PSTN to the client, kamailio sends the INVITE to the client's RFC1918 IP and I can't figure out how to send it to the correct destination. I tried loading the registrar and usrloc modules and used save("location") during REGISTER and lookup("location") just before loose_route(), but the end result was that kamailio replied to REGISTERs with any username/password with a 200 OK and the endpoints never registered with the PBX. I can attach the config file if that will help. Thanks for all input in advance! Regards, Iskren _______________________________________________ Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org <mailto:sr-users@lists.kamailio.org> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users <https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users>
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users